Vault 7: The CIA weaponized these popular programs to spy on people

Two days ago, WikiLeaks unleashed a treasure trove of data relating to the CIA's supposed arsenal of hacking tools. Code-named Vault 7, the "Year Zero" cache contains over 8,500 documents and files, and is, according to WikiLeaks, just the first batch. More content will be leaked over time.

While we know that the CIA’s zero-day weapons could be used to exploit iPhones, Android devices, Windows PCs and even Samsung TVs, one of the hacking tools is particularly interesting.

Named "Fine Dining" and developed by the OSB (Operational Support Branch) in the CIA's Center for Cyber Intelligence, it is a collection of malware-laced applications that could be used to spy on a target system. In all cases bar one (U3 Software, which had a Trojan as its execution vector), the OSB used DLL hijacking to inject the malicious code into the application.

Once run (many of the weaponized apps are portable, and designed to run from a USB memory stick), the decoy app executes malicious code and can steal information without the user knowing. "Fine Dining" allows for the decoy app to be fully customized depending on what is required.

An agent will need to install and run the malicious app on the target PC for it to gather data. It's important to note that the standard programs -- which you might use on a daily basis -- are safe, so you don't need to worry that they are spying on you.

The list of allegedly weaponized applications includes:

VLC Player Portable

IrfanView

Notepad++

Skype

Chrome Portable

Firefox Portable

Opera Portable

ClamWin Portable

Kaspersky TDSS Killer Portable

McAfee Stinger Portable

Sophos Virus Removal

Opera Mail

Thunderbird Portable

Foxit Reader

LibreOffice Portable

Prezi

Babel Pad

Iperius Backup

Sandisk Secure Access

U3 Software

2048

LBreakout2

7-Zip Portable

Portable Linux CMD Prompt

The latest version of Notepad++, which is included in the list, patches the DLL hijack security issue that was detailed on the WikiLeaks page. No doubt other software developers will be updating their products in light of the leak in the near future.
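
For anyone who wants to check a USB stick of portable apps for the kind of DLL hijacking described above, here is an added example; it is not code from WikiLeaks, the leaked documents or any of the vendors named. It flags DLLs that sit beside an executable and share a name with a Windows system DLL; the sample folder and file names are constructed, and the two fallback DLL names stand in for a real System32 listing.

```python
import os
import tempfile

def system_dll_names(system_dir=r"C:\Windows\System32"):
    """Lower-cased DLL names in the system directory (empty set if absent)."""
    try:
        return {n.lower() for n in os.listdir(system_dir) if n.lower().endswith(".dll")}
    except OSError:
        return set()

def find_shadowing_dlls(root, system_names):
    """Return sorted (folder, dll) pairs where a DLL sitting beside an
    executable carries the name of a system DLL. Windows searches the
    application's own folder before the system directory for most DLLs,
    so such a copy is the one that gets loaded."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        names = [f.lower() for f in files]
        if not any(n.endswith(".exe") for n in names):
            continue  # no executable here, so nothing loads from this folder
        for n in names:
            if n.endswith(".dll") and n in system_names:
                findings.append((os.path.relpath(folder, root), n))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample of a USB stick layout; every file is an empty placeholder."""
    layout = {
        "EditorPortable": ["editor.exe", "plugin.dll"],
        "PlayerPortable": ["player.exe", "libcodec.dll", "VERSION.dll"],
        "Docs": ["winmm.dll"],
    }
    for folder, files in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in files:
            open(os.path.join(root, folder, name), "wb").close()

if __name__ == "__main__":
    # Use the real System32 listing on Windows; fall back to two constructed names.
    known = system_dll_names() or {"version.dll", "winmm.dll"}
    with tempfile.TemporaryDirectory() as stick:
        build_sample_tree(stick)
        for folder, dll in find_shadowing_dlls(stick, known):
            print("review:", os.path.join(folder, dll), "shadows a system DLL")
```

A match is a lead to investigate, not proof of tampering. Name matching also misses a swapped copy of an app's own DLL, which needs a hash or signature check against the vendor's release.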